Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/HfFJEDDUnETMgv_-tGTektHgOG0.roa
File: HfFJEDDUnETMgv_-tGTektHgOG0.roa (raw, json)
Hash identifier: n6Dq1dMrKgJPnJf8bwIr5DpzEFmjQ+eea+XVV9e+HTg=
Subject key identifier: 1D:F1:49:10:30:D4:9C:44:CC:82:FF:FE:B4:64:DE:92:D1:E0:38:6D
Certificate issuer: /CN=486c2d8af4ce50ce6f43e7df44e0b503700a86c0
Certificate serial: 0196686289F081EC40FA3DA2AED68F653E20
Authority key identifier: 48:6C:2D:8A:F4:CE:50:CE:6F:43:E7:DF:44:E0:B5:03:70:0A:86:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGwtivTOUM5vQ-ffROC1A3AKhsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/HfFJEDDUnETMgv_-tGTektHgOG0.roa
Signing time: Thu 24 Apr 2025 15:20:10 +0000
ROA not before: Thu 24 Apr 2025 15:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201295
IP address blocks: 91.243.114.0/24 maxlen: 24
185.252.28.0/24 maxlen: 24
185.252.29.0/24 maxlen: 24
185.252.30.0/24 maxlen: 24
185.252.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/SGwtivTOUM5vQ-ffROC1A3AKhsA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/SGwtivTOUM5vQ-ffROC1A3AKhsA.mft
rsync://rpki.ripe.net/repository/DEFAULT/SGwtivTOUM5vQ-ffROC1A3AKhsA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 15:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:62:89:f0:81:ec:40:fa:3d:a2:ae:d6:8f:65:3e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=486c2d8af4ce50ce6f43e7df44e0b503700a86c0
Validity
Not Before: Apr 24 15:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1df1491030d49c44cc82fffeb464de92d1e0386d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c7:c6:ac:96:76:eb:2c:b3:2b:5e:a0:20:9a:
39:53:a0:8c:a3:f1:d7:6e:32:12:42:4b:0e:8e:57:
a7:8d:fb:89:2d:7f:89:72:f6:f6:07:aa:59:51:b9:
3a:c0:1a:b1:c0:2f:f8:0e:1a:35:d5:b6:33:cf:6f:
df:50:64:e0:83:08:00:38:48:00:91:e6:f2:d3:92:
bf:b2:d2:60:75:3f:74:f3:23:e1:c3:92:27:a8:c4:
2f:ce:89:1c:a0:9c:1b:d4:48:04:68:aa:e4:8e:6a:
2d:31:45:43:6a:67:db:68:a3:e4:a1:2b:e5:31:3a:
c5:62:df:1b:c5:56:dc:88:99:63:e2:f3:00:a2:88:
6d:99:95:a2:08:cf:2b:fc:c5:af:c9:f7:fc:4d:0f:
e5:27:1d:87:c6:85:c9:63:f2:69:50:fc:b0:8f:c9:
61:0b:ab:69:3f:e9:0f:df:4e:eb:fd:be:e9:bb:87:
7b:6c:04:89:92:2d:d8:35:88:36:ea:2d:1f:5d:dd:
83:bb:bb:58:1c:e9:81:6c:2b:dc:5d:a2:83:f8:52:
f6:b3:10:51:e8:f5:f4:21:13:aa:f6:0c:6a:6e:65:
5d:ec:89:f6:a3:6d:19:ab:a6:6e:d9:6e:7f:94:6d:
3f:41:30:25:46:71:78:4b:8d:b3:d9:f5:87:b5:1e:
74:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F1:49:10:30:D4:9C:44:CC:82:FF:FE:B4:64:DE:92:D1:E0:38:6D
X509v3 Authority Key Identifier:
keyid:48:6C:2D:8A:F4:CE:50:CE:6F:43:E7:DF:44:E0:B5:03:70:0A:86:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGwtivTOUM5vQ-ffROC1A3AKhsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/HfFJEDDUnETMgv_-tGTektHgOG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/SGwtivTOUM5vQ-ffROC1A3AKhsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.114.0/24
185.252.28.0/22
Signature Algorithm: sha256WithRSAEncryption
91:e2:84:91:a4:d3:4b:68:a0:f4:e0:f1:43:0f:da:77:37:9d:
51:11:c5:8d:41:5c:bd:1f:2f:f3:16:fa:55:dd:22:2b:59:9f:
9b:58:c6:8f:c0:18:f0:16:cc:c3:24:3f:3e:da:fb:ca:7d:f7:
87:1b:13:f6:1d:b4:85:70:b9:c8:15:c3:21:96:10:ee:66:2a:
e4:e1:df:0b:9b:a7:a2:c5:83:60:cf:af:74:56:5a:f5:63:c8:
93:41:d4:ce:f4:fc:95:57:ac:0f:18:8f:cf:0a:79:98:0b:31:
a2:24:55:6b:75:97:07:0d:7b:8c:12:09:6b:d1:21:14:71:70:
63:86:42:76:e6:a0:3a:a1:ec:f0:de:b8:e3:5e:39:fb:ce:66:
f5:4d:58:9f:26:52:90:8a:14:f5:8d:fe:72:b1:38:75:62:df:
9a:a9:6b:37:95:88:b4:0c:8c:11:ae:48:2b:b6:03:34:55:18:
bb:97:d9:1a:f9:5b:91:86:94:cd:6f:f7:c1:9c:46:d8:b5:37:
40:bf:e6:5a:d1:0e:87:45:8b:06:4e:92:d5:db:2f:c8:ec:26:
58:11:54:de:16:d8:5b:a9:81:41:29:b4:c6:02:2d:36:2e:aa:
ef:1f:74:90:4f:88:64:44:69:36:44:5a:04:f1:87:67:1e:a9:
2d:ff:93:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZoYonwgexA+j2irtaPZT4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NmMyZDhhZjRjZTUwY2U2ZjQzZTdkZjQ0ZTBiNTAzNzAw
YTg2YzAwHhcNMjUwNDI0MTUyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGYxNDkxMDMwZDQ5YzQ0Y2M4MmZmZmViNDY0ZGU5MmQxZTAzODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosfGrJZ26yyzK16gIJo5U6CMo/HX
bjISQksOjlenjfuJLX+Jcvb2B6pZUbk6wBqxwC/4Dho11bYzz2/fUGTggwgAOEgA
keby05K/stJgdT908yPhw5InqMQvzokcoJwb1EgEaKrkjmotMUVDamfbaKPkoSvl
MTrFYt8bxVbciJlj4vMAoohtmZWiCM8r/MWvyff8TQ/lJx2HxoXJY/JpUPywj8lh
C6tpP+kP307r/b7pu4d7bASJki3YNYg26i0fXd2Du7tYHOmBbCvcXaKD+FL2sxBR
6PX0IROq9gxqbmVd7In2o20Zq6Zu2W5/lG0/QTAlRnF4S42z2fWHtR50SwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB3xSRAw1JxEzIL//rRk3pLR4DhtMB8GA1UdIwQY
MBaAFEhsLYr0zlDOb0Pn30TgtQNwCobAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0d3dGl2VE9VTTV2US1mZlJPQzFBM0FLaHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kODI3YzAtZDZkNS00OGY2LThmNDUt
ZjFhNWRkZDc3OThiLzEvSGZGSkVERFVuRVRNZ3ZfLXRHVGVrdEhnT0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kODI3YzAtZDZkNS00OGY2LThmNDUtZjFhNWRkZDc3OThi
LzEvU0d3dGl2VE9VTTV2US1mZlJPQzFBM0FLaHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/NyAwQC
ufwcMA0GCSqGSIb3DQEBCwUAA4IBAQCR4oSRpNNLaKD04PFDD9p3N51REcWNQVy9
Hy/zFvpV3SIrWZ+bWMaPwBjwFszDJD8+2vvKffeHGxP2HbSFcLnIFcMhlhDuZirk
4d8Lm6eixYNgz690Vlr1Y8iTQdTO9PyVV6wPGI/PCnmYCzGiJFVrdZcHDXuMEglr
0SEUcXBjhkJ25qA6oezw3rjjXjn7zmb1TVifJlKQihT1jf5ysTh1Yt+aqWs3lYi0
DIwRrkgrtgM0VRi7l9ka+VuRhpTNb/fBnEbYtTdAv+Za0Q6HRYsGTpLV2y/I7CZY
EVTeFthbqYFBKbTGAi02LqrvH3SQT4hkRGk2RFoE8YdnHqkt/5M7
-----END CERTIFICATE-----
Generated at Fri May 9 23:54:24 2025 by rpki-client